CVE-2026-3065 | HummerRisk up to 1.5.0 Cloud Task Dry-run CloudTaskService.java CommandUtils.commonExecCmdWithResult fileName command injection

A vulnerability was found in HummerRisk up to 1.5.0. It has been classified as critical. This affects the function CommandUtils.commonExecCmdWithResult of the file CloudTaskService.java of the component Cloud Task Dry-run. Performing a manipulation of the argument fileName results in command injection.

This vulnerability is known as CVE-2026-3065. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More